Travel Required: Less than 10%
Public Trust: SSBI (T5)
Requisition Type: Regular
CAC/PKI Senior Engineer
The CAC/PKI Senior Engineer provides services in support of the U.S. Army Network Enterprise Technology Command (NETCOM). You provide Common Access Card (CAC)/ Public Key Infrastructure (PKI) capability management, engineering, testing, documentation, and system administration support in the NIPRNET, SIPRNET and Deployed Forces (DF) portion of the Department of Defense Information Network (DoDIN). You will provide Tier III support for patches and updates, to include testing the baseline in the ITE to verify if these can be applied in the Army Enterprise Environment. You will also develop Enterprise Technical Procedures (ETPs), CONOPS, Test Plans, and Test Reports with the directions to apply the patches and upgrades. We are looking to hire a full-time CAC/PKI Senior Engineer to support our IT services contract located at Fort Huachuca, AZ.
Provide planning, design, development, engineering, integration, and technical and operational support to the ADCNOMS project.
Online Certificate Status Protocol (OCSP) technologies, including Tumbleweed or CoreStreet; PKE of web technologies; PKE of Microsoft Active Directory; and Smartcard middleware technologies, including ActivClient or 90 Meter.
CAC/PKI expertise, knowledge, skills
Active Directory, Active Client, Hardware Security Module (HSM), Online Certificate Status Protocol (OCSP), and Certificate Authority and smart card enablement
Microsoft Internet Information Services (IIS), Apache HTTP servers, smart card enablement and experience with the DoD CPR program and operational and troubleshooting experience with CPR workstations
CAC and CAC enabled Active Directory domains; virtualization technology
OCSP technologies and their operation within an enterprise setting
Microsoft Certification Authorities and hardware security modules
Army PKI and Joint Informational Environment (JIE) PKI
Expertise and engineering support for certificate validation technologies such as, Microsoft OCSP; Axway Validation Suite; and CoreStreet Validation Suite
Engineering expertise and support on current Enterprise and Joint Environment architecture with particular focus on PKI and Identity Management aspects
RA/LRA training Engineers to support TMS/ILS testing
RA DISA training per CNSS Instruction No. 1300 (to qualify as RA surge support)
BA/BS or equivalent experience
DoD 8570.1-M Certification: IAT Level III Certification
Computing Environment Certification, MCSE certification and RA and/or LRA training IAW Committee on National Security Systems (CNSS) Instruction No. 1300, Registration Practice Statement, Certification Practice Statement
Clearance: Must hold an active Secret Clearance. Upon start, must be able to obtain a TS/SCI
5 - 8 years of experience in information technology field
About Our Work
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.